<?php

class Yamb extends Controller {
	public function index() {
		$this->display("index");
	}
	public function layout($element=null) {		
		$this->set("player", $this->_getPlayer());
		$this->set("fb_player", $this->_getFBPlayer());
		$this->set("uuid", $_POST["uuid"]);
		$this->set("options", $_POST["options"]);
		
		if($element){
			echo $this->fetch("yamb/elements/" . $element);
		}else{
			$this->display("yamb/layout");
		}
	}
	public function login() {
		$username = $_POST["username"];
		$password = $_POST["password"];
		
		$q = "SELECT id, username, firstname, lastname FROM players WHERE username='$username' AND `password`=PASSWORD('$password') AND verified=''";
		$player = $this->db_query($q);
		if($player) {
			$player = $player[0];
			
			$this->session_write("player", $player);
			$this->db_query("UPDATE players SET online=1 where id=".$player["id"]." LIMIT 1");
			
			$out = "";
			foreach($player as $k=>$v) {
				$out .= ", \"$k\": \"$v\"";
			}
			$out = "{". substr($out, 2) . "}";
			echo $out;
		}else{
			die("{}");
		}
	}
	public function logout() {
		if($player = $this->_getPlayer()) {
			$this->db_query("UPDATE players SET online=0 where id=".$player["id"]." LIMIT 1");
		}
		$this->session_write("player", null);
	}
	public function register() {
		$firstname = $_POST["firstname"];
		$lastname = $_POST["lastname"];
		$email = $_POST["email"];
		$username = $_POST["username"];
		$password = $_POST["password"];
		
		$code = 0;
		$message = "Nalog kreiran. Molimo proverite gore navedenu e-mail adresu radi potvrde identiteta.";
		
		// check email, username
		list($email_exists) = $this->db_query("SELECT id FROM players WHERE email='$email' LIMIT 1");
		list($username_exists) = $this->db_query("SELECT id FROM players WHERE username='$username' LIMIT 1");
		if($email_exists) {
			$code = 1;
			$message = "Korisnički nalog za navedenu e-mail adresu već postoji.";
		}else if($username_exists) {
			$code = 1;
			$message = "Korisnički nalog za navedeno korisničko ime već postoji.";
		}else {
			$buffer = "qwertyuiopasdfghjklzxcvbnm0123456789";
			$hash = "";
			for($i=0; $i<20; $i++) {
				$hash .= substr($buffer, rand(0,strlen($buffer)-1), 1);
			}
			$q = "INSERT INTO players(`username`,`password`,`firstname`,`lastname`,`email`,`verified`) "
				."VALUES('$username',PASSWORD('$password'),'$firstname','$lastname','$email','$hash')";
			if(!$this->db_exec($q)) {
				$code = 1;
				$message = "Sistemska greška pri kreiranju naloga. Molimo Vas pokušajte ponovo.";
			}else{
				$this->set("name", "$firstname $lastname");
				$this->set("hash", "$hash");
				$html = $this->fetch("yamb/activation_mail");
				$this->sendMail($email, "Yamb.info - aktivacija naloga", $html);
			}
		}
		
		echo "{'code': '$code', 'message': '$message'}";
	}
	public function verify($code=null) {
		$verified = 0;
		if($code) {
			$this->set("hash", $code);
			list($player) = $this->db_query("SELECT id FROM players WHERE verified='$code'");
			if($player) {
				$verified = 1;
				$this->db_exec("UPDATE players SET verified='' WHERE id=".$player["id"]." LIMIT 1");
			}
		}
		$this->set("verified", $verified);
		$this->display("yamb/verify");
	}
}

?>